Chris's Blog of Crazy Goodness! » Coding

Been Absent for the last month..

chris — Sun, 14 Mar 2010 16:07:06 +0000

So, I haven’t posted in awhile because I took on a side-project over at http://usmilitarygamers.com. I really like the end result, and I hope the team over there do too. I hope to circle back around and be a little more productive now that I have completed the coding of the usmilitarygamers.com website.

I built the site simply using phpbb, some extra standalone code to draw stats on several games, and some gaming pictures for use on the headers. Some of the great artist over at the usmg, provided an exceptional mascot (shown right on the homepage), titles, and several other pieces of artwork. (Thanks Timmy, DBG, and Maximus!, you guys are awesome!)

If you haven’t had a chance to take a look, head on over, and take a peak.

http://usmilitarygamers.com

I’d love to know what you think, if you have any suggestions, drop a comment here!

Enable .htaccess authentication using Apache?

chris — Thu, 04 Dec 2008 14:46:37 +0000

Enabling password authentication on Windows using Apache (link if you wish to RTFM) isn’t too much of a chore if you have basic knowledge of some simple coding and apache configuration.

A couple things to jot down:

Path to your Apache server (e.g., c:\apache)
Path to your CONF folder (e.g., c:\apache\conf)
Path to your DOCROOT folder (e.g., c:\apache\htdocs)
Path to the folder you wish to password-protect. In myexample, lets take a
folder called “secure”, so the path to this

would be
“c:\apache\htdocs\secure”. (It could be ABOVE the htdocs

folder as
well, FYI).

Ok, what to do:

Open up your httpd.conf. (On my machine this is at
“c:\apache\conf\httpd.conf”).
Look for the word AllowOverride, and change it from None to All.

Our httpd.conf is done. Now we need to create the password
file. Open up a DOS prompt and go to the apache’s BIN directory. In
my case, it is “c:\apache\bin”.

Now, we need to create the .HTACCESS file itself.

Restart Apache – This is what happens when accessing your secret area!

Setting up mod_auth_sspi & adldap

chris — Fri, 26 Sep 2008 17:39:24 +0000

WOW, that’s a mouthful!

Well, luckily, I just managed to get this working myself! Hurray for me!

WHAT THIS DOES???

This script will use the SSPI module to grab your local login
DOMAIN\ID, break the domain name off the front of your ID, then
utilizing adldap, query AD for your user ID, which is displayed
lastname,firstname, then break that apart, and echo first name last
name.

You can easily copy this on your intranet pages. (Which is what I use it for,)

ASSUMPTIONS

Windows 2003 STD server
PHP, MYSQL, APACHE (Typically referred to as a WAMP installation) installed and running correctly.
You have a working knowledge of PHP, and apache, and how to edit, modify files.

SETUP

Download the current release of ADLDAP from their website (At the time of this writing, the current version was v2.1)

Edit the file to point to your LDAP server. (See example below)

class adLDAP {

// BEFORE YOU ASK A QUESTION, PLEASE READ THE DOCUMENTATION AND THE FAQ

// http://adldap.sourceforge.net/documentation.php

// http://adldap.sourceforge.net/faq.php

// You can set your default variables here, or when you invoke the class

var $_account_suffix=“@yourdomin.com”;

var $_base_dn = “DC=yourdomain,DC=com”;

// An array of domain controllers. Specify multiple controllers if you

// would like the class to balance the LDAP queries amongst multiple servers

var $_domain_controllers = array (“yourdomaincontroller.yourdomin.com”);

// optional account with higher privileges for searching

// not really that optional because you can’t query much as a user

var $_ad_username=“account_to_query_AD”;

var $_ad_password=“password_for_Account”;

Copy the adldap.php file to your website. (I installed into /includes folder.)

ok, we’re done..

Just kidding, but not too much more!

Next, Download mod-auth-sspi from sourceforge.net .

Copy the files mod_auth_sspi.so and sspipkgs.exe to your apache modules folder.

Add the module to the server’s config file by editing httpd.con.

LoadModule sspi_auth_module modules/mod_auth_sspi.so

Protect a directory or location.

You can put these directives inside the httpd.conf file, or inside .htaccess

files if AllowOverride AuthConfig is set.

AllowOverride None

Options None

Order allow,deny

Allow from all

AuthName “My Intranet”

AuthType SSPI

SSPIAuth On

SSPIAuthoritative On

require valid-user

NOTE – There is information on the SSPI

Create a file named : whoami.php or you can name it, ilikepinkelephants.php if you prefer.

Copy this into it.

require(‘includes/adLDAP.php’); ?>

$cred = explode(‘\\’,$_SERVER['REMOTE_USER']);

if (count($cred) == 1) array_unshift($cred, “(no domain info – perhaps SSPIOmitDomain is On)”);

list($domain, $user) = $cred;

$ldap=new adLDAP($options);

if (1){

$result = $ldap->user_info($user,array(‘displayname’));

$_SESSION['username'] = $result[0][displayname][0];

$fullname = $_SESSION['username'];

$splitname = explode(“,”, $fullname);

echo $splitname[1];

echo (” “);

echo $splitname[0];

}

?>